Enterprise Linux Network Services
Course
Inhouse
Description
-
Type
Course
-
Methodology
Inhouse
-
Start date
Different dates available
This 5 day expansive course covers a wide range of network services useful to every organization. Special attention is paid to the concepts needed to implement these services securely, and to the trouble- shooting skills which will be necessary for real-world administration of these network services.
Facilities
Location
Start date
Start date
About this course
Experienced Linux system administrators needing to set up or manage secure, enterprise- level network servers.
Students should already be comfortable with basic Linux or UNIX administration, and have a good understanding of network concepts, the TCP/IP protocol suite is also assumed.
The course material is designed to provide extensive hands-on experience. Topics include: Security with SELinux and Netfilter, DNS concepts and implementation with Bind; LDAP concepts and implementation using OpenLDAP; Web services with Apache; FTP with vsftpd; caching, filtering proxies with Squid; SMB/CIFS (Windows networking) with Samba; and e-mail concepts and implementation with Postfix combined with either Dovecot or Cyrus.
Reviews
This centre's achievements
All courses are up to date
The average rating is higher than 3.7
More than 50 reviews in the last 12 months
This centre has featured on Emagister for 6 years
Subjects
- Access
- Options
- Linux
- Server
- Apache
- PHP
- Tomcat
- Database
- Database training
- Network
- Protocol
- DNS
- Syntax
- Network Training
Course programme
#text-block-8 { margin-bottom:0px; text-align:left; }
#text-block-11 { margin-bottom:0px; text-align:left; }
1. Securing Services
Xinetd
Xinetd Connection Limiting and Access
Control
Xinetd: Resource limits, redirection,
logging
TCP Wrappers
The /etc/hosts.allow & /etc/hosts.deny
Files
/etc/hosts.{allow,deny} Shortcuts Advanced TCP Wrappers Basic Firewall Activation
Netfilter: Stateful Packet Filter Firewall Netfilter Concepts
Using the iptables Command Netfilter Rule Syntax Targets
Common match_specs Connection Tracking AppArmor
SELinux Security Framework Choosing an SELinux Policy SELinux Commands SELinux Booleans
Graphical SELinux Policy Tools
2. DNS Concepts
Naming Services
DNS – A Better Way
The Domain Name Space Delegation and Zones Server Roles
Resolving Names
Resolving IP Addresses
Basic BIND Administration Configuring the Resolver Testing Resolution
3. Configuring Bind BIND Configuration Files named.conf Syntax
named.conf Options Block Creating a Site-Wide Cache rndc Key Configuration Zones In named.conf
Zone Database File Syntax SOA – Start of Authority
A & PTR – Address & Pointer
Records
NS – Name Server
CNAME & MX – Alias & Mail
Host
Abbreviations and Gotchas $ORIGIN and $GENERATE
4. Creating DNS Hierarchies
Subdomains and Delegation Subdomains
Delegating Zones
in-addr.arpa. Delegation Issues with in-addr.arpa. RFC2317 & in-addr.arpa.
5. Advanced Bind DNS Features
Address Match Lists & ACLs Split Namespace with Views Restricting Queries
Restricting Zone Transfers
Running BIND in a chroot jail Dynamic DNS Concepts
Allowing Dynamic DNS Updates DDNS Administration with nsupdate Common Problems Common Problems
Securing DNS with TSIG
6. LDAP Concepts and Clients
LDAP: History and Uses LDAP: Data Model Basics LDAP: Protocol Basics LDAP: Applications LDAP: Search Filters
LDIF: LDAP Data Interchange Format OpenLDAP Client Tools Alternative LDAP Tools
7. OpenLDAP Servers
Popular LDAP Server Implementations OpenLDAP: Server Architecture OpenLDAP: Backends OpenLDAP: Replication
OpenLDAP: Configuration Options OpenLDAP: Configuration Sections OpenLDAP: Global Parameters OpenLDAP: Database Parameters OpenLDAP Server Tools
Enabling LDAP-based Login
System Security Services Daemon
(SSSD)
8. Using Apache
HTTP Operation
Adding Modules to Apache Apache Configuration Files httpd.conf – Server Settings
httpd.conf – Main Configuration HTTP Virtual Servers Virtual Hosting DNS
Implications
httpd.conf – VirtualHost
Configuration
Port and IP based Virtual Hosts Name-based Virtual Host Apache Logging Log Analysis The Webalizer
9. Apache Security Virtual Hosting Security
Implications
Delegating Administration Directory Protection
Directory Protection with
AllowOverride
Common Uses for .htaccess Symmetric Encryption
Algorithms
Asymmetric Encryption
Algorithms Digital Certificates
SSL Using mod_ssl.so
#text-block-12 { margin-bottom:0px; text-align:left; }
10. Apache Server-Side Scripting
Administration
Dynamic HTTP Content
PHP: Hypertext Preprocessor Developer Tools for PHP Installing PHP
Configuring PHP Securing PHP
Security Related php.ini
Configuration
Java Servlets and JSP Apache’s Tomcat
Installing Java SDK
Installing Tomcat Manually Using Tomcat with Apache
Apache Architecture
Dynamic Shared Objects
11. Implementing an FTP server
The FTP Protocol Active Mode FTP Passive Mode FTP ProFTPD
Pure-FTPd vsftpd
Configuring vsftpd
Anonymous FTP with vsftpd
1 2. The Squid Proxy Server
Squid Overview Squid File Layout
Squid Access Control Lists Applying Squid ACLs
Tuning Squid & Configuring Cache
Hierarchies
Bandwidth Metering Monitoring Squid
Proxy Client Configuration
13. Samba Concepts and Configuration
Introducing Samba Samba Daemons
NetBIOS and NetBEUI
Accessing Windows/Samba Shares from
Linux
Samba Utilities
Samba Configuration Files The smb.conf File
Mapping Permissions and ACLs Mapping Linux Concepts Mapping Case Sensitivity Mapping Users
Sharing Home Directories Sharing Printers
Share Authentication Share-Level Access User-Level Access
Samba Account Database User Share Restrictions
14. SMTP Theory
SMTP
SMTP Terminology SMTP Architecture SMTP Commands SMTP Extensions
SMTP AUTH
SMTP STARTTLS SMTP Session
15. POSTFIX
Postfix Features
Postfix Architecture Postfix Components Postfix Configuration master.cf main.cf
Postfix Map Types
Postfix Pattern Matching Advanced Postfix Options Virtual Domains
Postfix Mail Filtering
Configuration Commands Management Commands Postfix Logging Logfile Analysis chrooting Postfix
Postfix, Relaying and SMTP
AUTH
SMTP AUTH Server and Relay
Control
SMTP AUTH Clients Postfix / TLS
TLS Server Configuration
Postfix Client Configuration for
TLS
Other TLS Clients
Ensuring TLS Security
16. Mail Services and Retrieval
Filtering Email Procmail
SpamAssassin Bogofilter
amavisd-new Mail Filtering Accessing Email
The IMAP4 Protocol
Dovecot POP3/IMAP Server Cyrus IMAP/POP3 Server
Cyrus IMAP MTA Integration Cyrus Mailbox Administration Fetchmail
SquirrelMail
Mailing Lists
GNU Mailman
Mailman Configuration
Appendix A – Sendmail
Sendmail Architecture Sendmail Components Sendmail Configuration
Sendmail Remote Configuration Controlling Access
Sendmail Mail Filter (milter)
Configuring Sendmail SMTP AUTH Configuring SMTP STARTTLS
Appendix B – NIS
NIS Overview
NIS Limitations and Advantages NIS Client Configuration NIS Server Configuration NIS Troubleshooting Aids
Aliases
Enterprise Linux Network Services